Categories & Download Types

About this task

The Configuration > Group Policy > Default Policy > Categories & Download Types page allows you to configure how URL requests to sites categorized by content
type and files categorized by download type are handled by the Web Appliance.

Follow these steps

Set the behavior that you want the Web Appliance to
apply to each category listed in the Site categories section:

Allow: Lets users view sites of this classification.

Warn: Presents a warning to users that they are at risk of
violating their organization’s web use policy, but allows them to proceed. Once a user
has chosen to proceed, no warning page for that site will be displayed to that user
for 30 minutes. If the site is in the Streaming Media category, proceeding will enable
all streaming media for 30 minutes.

Block: Prevents users from viewing sites of this
classification.

Important

Blocking Advertisements and Pop-ups also
blocks content that appears behind interstitial pages, pages of advertising that appear
prior to the loading of a requested content URL. In blocking these pages, the content
that is behind them is also blocked.

Allow user feedback from the notification pages by selecting
this check box or remove this option by clearing it.

This option applies to only low risk sites and to medium risk sites if they have been
configured to be scanned.

Note

If this option is enabled, users’ requests from notification pages for
site recategorizations or to allow downloading of file types or PUAs can be viewed in
the Search > User Submissions pages.

Select the download type controls that you want to apply.

Note

Download-type controls for Windows system files, Windows
scripts, and Windows HTML App files are not supported in Endpoint Web Control.

Allow: Lets users download files of this type.

Warn: Presents a warning to users that they are at risk of
violating their organization’s download policy, but allows them to proceed. A log
entry is created when a user proceeds in possible contravention of the organization’s
web use policy.

Block: Prevents users from downloading files of this
type.

Note

The display of Web Appliance warning
pages disrupts the playback of streaming media players, such as Windows Media Player,
RealPlayer, and the QuickTime player. If you want to allow your users to play streaming
media using any of these players, ensure that the Warn option is
not selected.

Important

To enable access to Quicktime video with a warning displayed to
users, set the Site category, "Streaming
Media", with Warn enabled. Then set the
Download type of "QuickTime Video (mov)"
to Allow with Warn cleared. When users
request a streaming QuickTime video URL, a warning page will be displayed, and when they
click Proceed, the media stream will begin.

Select the Sandstorm profile that you want to apply.

Send any suspicious files for analysis: all suspicious
downloaded items will be sent for analysis in the Sophos Active
Sandbox component of Sophos Sandstorm.

Exclude suspicious PDFs and documents: send all suspicious
downloads for analysis in the Sophos Active Sandbox, except
PDFs and other documents.

Do not send suspicious files for analysis: do not send any
downloaded items for analysis, even if they are suspicious.

Note

The Sandstorm option is not available if you do not have
a Sophos Sandstorm
license.

Block PUA Downloads from being downloaded by users by selecting
this check box, or allow PUA downloads by clearing it.

Note

Specific PUAs can be allowed with this feature enabled by setting the
exception on the Configuration > Global Policy > Download Options page.